You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
104 lines
3.0 KiB
104 lines
3.0 KiB
#cloud-config
|
|
# vim: syntax=yaml
|
|
|
|
disk_setup:
|
|
/dev/vdb:
|
|
table_type: mbr
|
|
layout:
|
|
- 100
|
|
overwrite: false
|
|
fs_setup:
|
|
- label: storage
|
|
filesystem: xfs
|
|
device: /dev/vdb
|
|
partition: 1
|
|
resize_rootfs: true
|
|
|
|
mounts:
|
|
- [ "/dev/vdb1", "/srv", "xfs", "defaults", "0", "0" ]
|
|
|
|
users:
|
|
- name: nicolas
|
|
gecos: Nicolas MASSE
|
|
groups: wheel
|
|
lock_passwd: false
|
|
passwd: $6$XUTB20jVVXIqh78k$L1A9Lft5JlbOtNbeDP.fOZ5giLl09LfJGGCon5uwtsIhPJoNkj4SIk08Rb6vSowOps2ik5tlUwT2ZOZ6jjr7.0
|
|
ssh_authorized_keys:
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPR1tt58X0+vbvsCR12gMAqr+g7vjt1Fx/qqz9EiboIs nicolas@localhost.localdomain
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFW62WJXI1ZCMfNA4w0dMpL0fsldhbEfULNGIUB0nQui nmasse@localhost.localdomain
|
|
|
|
packages:
|
|
# Useful tools
|
|
- net-tools
|
|
- hdparm
|
|
- iptraf
|
|
- iotop
|
|
- vim-enhanced
|
|
- tmux
|
|
- rsync
|
|
- tree
|
|
- unzip
|
|
- tar
|
|
- tcpdump
|
|
- telnet
|
|
- strace
|
|
- bind-utils
|
|
# NFS
|
|
- firewalld
|
|
- nfs-utils
|
|
|
|
runcmd:
|
|
# Enable KVM virsh console access
|
|
- [ "systemctl", "enable", "serial-getty@ttyS0.service" ]
|
|
- [ "systemctl", "start", "--no-block", "serial-getty@ttyS0.service" ]
|
|
# Disable SSH password authentication
|
|
- [ "sed", "-i.post-install", "-e", "s/PasswordAuthentication yes/PasswordAuthentication no/", "/etc/ssh/sshd_config" ]
|
|
- [ "systemctl", "restart", "sshd" ]
|
|
# Enable sudo without password
|
|
- [ "sed", "-i.post-install", "-e", "s/^%wheel\tALL=(ALL)\tALL/%wheel ALL=(ALL) NOPASSWD: ALL/", "/etc/sudoers" ]
|
|
# Fix file permissions
|
|
- [ "chown", "-R", "nicolas:nicolas", "/home/nicolas" ]
|
|
# Enable NFS
|
|
- [ "mount", "/srv" ]
|
|
- [ "systemctl", "enable", "rpcbind" ]
|
|
- [ "systemctl", "start", "rpcbind" ]
|
|
- [ "systemctl", "enable", "nfs-server" ]
|
|
- [ "systemctl", "start", "nfs-server" ]
|
|
- [ "systemctl", "enable", "firewalld" ]
|
|
- [ "systemctl", "start", "firewalld" ]
|
|
- [ "setsebool", "-P", "nfs_export_all_rw", "1" ]
|
|
- [ "mkdir", "-p", "/srv/nfs" ]
|
|
- [ "exportfs", "-rav" ]
|
|
#- [ "/bin/bash", "-c", "for i in {0..999}; do pv=$(printf '/srv/nfs/pv-%03d\n' $i); mkdir $pv; chmod 777 $pv; done" ]
|
|
- [ "/bin/bash", "-c", "for pv in pv-infra-registry pv-user-pvs; do mkdir -p /srv/nfs/$pv; chmod 770 /srv/nfs/$pv; done" ]
|
|
- [ "firewall-cmd", "--add-service=nfs", "--permanent" ]
|
|
- [ "firewall-cmd", "--reload" ]
|
|
|
|
write_files:
|
|
- path: /root/.bashrc
|
|
# PS1='\[\033[01;31m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]# '
|
|
content: |
|
|
UFMxPSdcW1wwMzNbMDE7MzFtXF1cdUBcaFxbXDAzM1swMG1cXTpcW1wwMzNbMDE7MzRtXF1cd1xb
|
|
XDAzM1swMG1cXSMgJwo=
|
|
encoding: base64
|
|
append: true
|
|
|
|
- path: /etc/skel/.bashrc
|
|
# PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
|
|
content: |
|
|
UFMxPSdcW1wwMzNbMDE7MzJtXF1cdUBcaFxbXDAzM1swMG1cXTpcW1wwMzNbMDE7MzRtXF1cd1xb
|
|
XDAzM1swMG1cXVwkICcK
|
|
encoding: base64
|
|
append: true
|
|
|
|
- path: /home/nicolas/.bashrc
|
|
# PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
|
|
content: |
|
|
UFMxPSdcW1wwMzNbMDE7MzJtXF1cdUBcaFxbXDAzM1swMG1cXTpcW1wwMzNbMDE7MzRtXF1cd1xb
|
|
XDAzM1swMG1cXVwkICcK
|
|
encoding: base64
|
|
append: true
|
|
|
|
- path: /etc/exports
|
|
content: |
|
|
/srv/nfs *(rw,no_root_squash)
|
|
|